LockBit, probably the most well-known Ransomware-as-a-Service (RaaS) teams, suffered a critical safety breach that uncovered round 60,000 Bitcoin addresses.
On Could 8, blockchain safety agency SlowMist reported that hackers exploited a PHP 0-day or 1-day vulnerability to achieve unauthorized entry to LockBit’s backend techniques and admin console.
SlowMist identified that the hack resulted within the leak of a compressed file containing delicate information. Different uncovered info from the breach contains non-public keys, inner chat data, and particulars of affiliated entities. The hackers left a message on the web site saying,
“Don’t do crime CRIME IS BAD crime is dangerous xoxo from Prague.”
LockBit, in a message with risk researcher Rey, mentioned that solely pockets addresses and chat logs have been printed from the assault. The platform insisted that no decryptors or supply code have been stolen from the breach.
In the meantime, SlowMist, utilizing its Mistrack system, traced one in every of LockBit’s Bitcoin pockets addresses.
The agency reported that the transaction path appeared clear and led on to recognized crypto exchanges. This implies the attacker could have already tried to money out or launder the stolen funds.
LockBit provides bounty
LockBit has reportedly clarified that solely a light-weight administration panel had been breached. It emphasised that core instruments just like the locker builder, decryptors, and supply code remained safe.
Regardless of this declare, the breach marks a major blow to its prison credibility amongst associates and shoppers.
In a stunning twist, LockBit supplied a bounty for info on the hacker. The group claims the attacker could also be somebody referred to as “xoxo” based mostly in Prague.
The platform said:
“In case you can present correct and dependable details about this particular person’s id — I’m keen to pay for it.”
This bounty supply comes with a touch of irony, as LockBit is a goal of a US authorities bounty program.
The US authorities accuse the group of executing over 2,500 ransomware assaults in additional than 120 nations. Almost 1,800 of these victims have been reportedly based mostly in the USA.
The Division of Justice claims the LockBit group extorted greater than $500 million in ransom funds, with complete losses, factoring in restoration and downtime, reaching into the billions.
